Date: Sun, 29 Aug 2004 09:46:11 GMT From: Ville-Pertti Keinonen <will@iki.fi> To: freebsd-gnats-submit@FreeBSD.org Subject: misc/71096: pflogd doesn't write valid pcap savefiles on 64-bit architectures Message-ID: <200408290946.i7T9kBgw058088@www.freebsd.org> Resent-Message-ID: <200408290950.i7T9o80d078256@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 71096 >Category: misc >Synopsis: pflogd doesn't write valid pcap savefiles on 64-bit architectures >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sun Aug 29 09:50:08 GMT 2004 >Closed-Date: >Last-Modified: >Originator: Ville-Pertti Keinonen >Release: 6.0-current >Organization: >Environment: FreeBSD [hostname] 6.0-CURRENT FreeBSD 6.0-CURRENT #0: Sun Aug 29 11:59:34 EEST 2004 root@[hostname]:/usr/obj/usr/src/sys/CRASH amd64 >Description: pflogd is storing instances of struct pcap_pkthdr where it should be storing instances of struct pcap_sf_pkthdr. On 64-bit architectures, this includes native-sized struct timevals, causing programs that read pcap savefiles (tcpdump, ethereal) to be unable to read /var/log/pflog. Additionally, /etc/rc.d/pflog is broken, as it tries to load a kernel module called pflog, but the functionality is present in a module called pf. >How-To-Repeat: See full description. >Fix: http://will.iki.fi/patches/pflogd.diff s/kldload pflog/kldload pf/ in /etc/rc.d/pflog >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200408290946.i7T9kBgw058088>